Question
SSL traffic inspection best practices
Hi
I am a bit confused, I would like to add some ssl traffic inspection but for waf/ips, but I am not sure where/what's the best approach.
I have a mix of Virtual server and Virutal IP. Should I use the Virtual server SSL Offloading configuration or using the SSL/SSH security profiles configured as "Protecting SSL Server" with certifcate and added to the ingress firewall rules sufficient?
Also what about the same VIP/VirtualServer have mutiple domain hosted behind (abc.com, exmaple.com, bbb.com) how can all ssl traffic be inspected ?
Thanx all !